Certified Defensive Security Analyst by Academy. Get started now!
Ready is a medium difficulty Linux machine. A vulnerable version of GitLab server leads to a remote command execution, by exploiting a combination of SSRF and CRLF vulnerabilities. Bad permission on a backed up configuration file of the Gitlab server, reveals a password that is found to be reusable for the user `root`, inside a docker container. After root access is acquired, escaping the container is possible since it is running in privileged mode.